Re: Understanding execution context of netfilter hooks

On Jul 18, 2009, at 12:57 AM, Stephen Hemminger wrote:


    buf[20] = '\0';
    printk("first 20 chars: \"%s\"\n", buf);
    filp_close(fp, 0);
  }
}


One of the repeating mantras of kernel development is:
"Don't do file i/o in kernel code."

Your code is wrong not just because kernel i/o can sleep,
but also because there really is not just one namespace,
so what is /etc/shadow!

The right way to do something like this is to read/parse
the file in a utility and pass the necessary data into the
kernel module through other mechanisms (/proc, netlink, debugfs, ...)

Yes, I am well aware of the actual "badness" of the code in question. I was more curious and wondering why it behaved differently in different parts of the kernel, but I kind of understand that now. The real code I'm working on is doing something similar to what you describe with a utility in user space. I was also using netfilter_queue at one stage, but for some reason I could not make that stable. With high traffic the netfilter_queue just stopped working for some reason, and not because of buffer overrun (as far as I could tell) but due to something else that I never understood (probably some error in my code), so I went for something similar but simpler and more targeted for my needs.

/Stefan
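
The handoff recommended in the quoted reply, as an added example that is not part of the original thread: a user-space helper parses and validates a text rule, then passes a fixed-layout record to the kernel side in a single write(). The `rule_msg` layout, the rule syntax and the function names are assumptions made for illustration; a pipe stands in for the module's /proc, debugfs or netlink endpoint.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical fixed-layout record a module's write handler would accept. */
struct rule_msg {
    uint32_t version;   /* layout version, so the kernel can reject stale tools */
    uint32_t addr;      /* IPv4 address, host byte order */
    uint16_t port;
    uint16_t action;    /* 0 = accept, 1 = drop */
};

/* Parse "a.b.c.d port accept|drop". Returns 0 on success, -1 on bad input. */
int parse_rule(const char *line, struct rule_msg *out)
{
    unsigned a, b, c, d, port;
    uint16_t action;
    char act[8], extra;

    /* The trailing %c only converts if unexpected text follows the rule. */
    if (sscanf(line, "%3u.%3u.%3u.%3u %5u %7s %c",
               &a, &b, &c, &d, &port, act, &extra) != 6)
        return -1;
    if (a > 255 || b > 255 || c > 255 || d > 255 || port == 0 || port > 65535)
        return -1;
    if (strcmp(act, "accept") == 0) action = 0;
    else if (strcmp(act, "drop") == 0) action = 1;
    else return -1;

    memset(out, 0, sizeof(*out));   /* no uninitialised bytes cross the boundary */
    out->version = 1;
    out->addr = (a << 24) | (b << 16) | (c << 8) | d;
    out->port = (uint16_t)port;
    out->action = action;
    return 0;
}

/* One write() per record; the kernel side only has to check length and version. */
int send_rule(int fd, const struct rule_msg *m)
{
    return write(fd, m, sizeof(*m)) == (ssize_t)sizeof(*m) ? 0 : -1;
}

int main(void)
{
    int p[2];
    struct rule_msg m;
    /* Constructed sample rule; the pipe stands in for the kernel interface. */
    if (pipe(p) != 0 || parse_rule("192.0.2.10 443 drop", &m) != 0)
        return 1;
    return send_rule(p[1], &m) == 0 ? 0 : 1;
}
```

All file access and text parsing stay in process context in user space, so the module never calls anything that can sleep from a hook and never has to resolve a path in some namespace.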

